Implement Security Context for Memcached

Implement a pod security context for the following Memcached resources: - Memcached server deployment Change-Id: I8628ceb246e7c435a2ddd20bf1bcecd94db8ea26
2019-02-28 15:51:34 -06:00 · 2019-02-28 15:51:34 -06:00 · 8bbe8452c2
commit 8bbe8452c2
parent 8fb2c7f07c
2 changed files with 6 additions and 2 deletions
--- a/memcached/templates/deployment.yaml
+++ b/memcached/templates/deployment.yaml
@ -43,8 +43,7 @@ spec:
      labels:
 {{ tuple $envAll "memcached" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
    spec:
-      securityContext:
-        readOnlyRootFilesystem: true
+{{ dict "envAll" $envAll "application" "server" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
      shareProcessNamespace: true
      serviceAccountName: {{ $rcControllerName | quote }}
      affinity:
--- a/memcached/values.yaml
+++ b/memcached/values.yaml
@ -147,6 +147,11 @@ pod:
  user:
    memcached_exporter:
      uid: 65534
+    server:
+      uid: 65534
+  securityContext:
+    server:
+      readOnlyRootFilesystem: true
  affinity:
    anti:
      topologyKey: